Author: hertzog Date: 2014-12-12 15:52:18 +0000 (Fri, 12 Dec 2014) New Revision: 30713
Modified: data/CVE/list data/dla-needed.txt Log: Add nss to dla-needed.txt due to CVE-2011-3389/nss And add the links to the associated commit and bug entry. Modified: data/CVE/list =================================================================== --- data/CVE/list 2014-12-12 15:52:12 UTC (rev 30712) +++ data/CVE/list 2014-12-12 15:52:18 UTC (rev 30713) @@ -66135,6 +66135,8 @@ [wheezy] - bouncycastle <no-dsa> (Minor issue) NOTE: No mitigation for bouncycastle, it is recommended to use TLS 1.1, which is supported since 1.4.9 - nss 3.13.1.with.ckbi.1.88-1 + NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=665814 + NOTE: https://hg.mozilla.org/projects/nss/rev/7f7446fcc7ab - polarssl <unfixed> (unimportant) NOTE: No mitigation for polarssl, it is recommended to use TLS 1.1, which is supported in all releases - tlslite <removed> Modified: data/dla-needed.txt =================================================================== --- data/dla-needed.txt 2014-12-12 15:52:12 UTC (rev 30712) +++ data/dla-needed.txt 2014-12-12 15:52:18 UTC (rev 30713) @@ -50,6 +50,8 @@ -- nfs-utils -- +nss +-- pyyaml -- qemu _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits